adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,258 Commits 27 Branches 1,043 Tags
e2d052322d68ce4976bae22e4537ea4bea419fc8
Commit Graph

68258 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
adfoster-r7 e2d052322d Support upload and download command for powershell sessions 2022-10-26 11:48:31 +01:00
space-r7 35e4d829d8 Land #17164, add THEME_DIR option to wp_crop_rce 2022-10-25 12:23:50 -05:00
space-r7 7c64b0ba93 add option in documentation and add notes 2022-10-25 12:22:00 -05:00
r3nt0n 982cfb97c2 Refactor: check for THEME_DIR as ternary 
Suggested by @space-r7
 2022-10-25 17:38:30 +02:00
Metasploit e949c68f9c automatic module_metadata_base.json update 2022-10-24 14:41:43 -05:00
bwatters 9902e9a1e4 Land #17110, check files exist before doing other things 
Merge branch 'land-17110' into upstream-master
 2022-10-24 14:20:16 -05:00
Metasploit 97f7243a36 automatic module_metadata_base.json update 2022-10-24 11:49:00 -05:00
Jack Heysel 3bf4bd7d7d Land #17162, add RCE module for CVE-2022-35914 
This PR adds an RCE module for the php code injection
present in GLPI versions 10.0.2 and below
 2022-10-24 12:18:34 -04:00
jheysel-r7 3bbd05a11a Update modules/exploits/linux/http/glpi_htmlawed_php_injection.rb 
Co-authored-by: Brendan <bwatters@rapid7.com>
 2022-10-24 11:48:33 -04:00
Spencer McIntyre 7aa62bfecd Land #17071, Add in new LDAP queries 
Add in new LDAP queries to help with various attack paths
 2022-10-24 09:18:41 -04:00
Spencer McIntyre 4bc98c6cc5 Fix a YAML syntax issue 2022-10-24 09:18:10 -04:00
bwatters 51264862f2 Land #17172, Msf::Post::File.append_file: Append not overwrite on *nix shell sessions 
Merge branch 'land-17172' into upstream-master
 2022-10-21 16:54:59 -05:00
Grant Willcox 01e4701bef Reorder queries alphabetically and fix up errors identified during review 2022-10-21 11:18:23 -05:00
bcoles cd656ecdbb Msf::Post::File.append_file: Append not overwrite on *nix shell sessions 2022-10-21 23:28:14 +11:00
space-r7 a9c3c61aa3 Land #17050, make osx payload fileless 2022-10-20 14:13:32 -05:00
Spencer McIntyre 7d6c0a8eba Land #17165, Update commiters keys doc 
Update commiters keys doc with updated info
 2022-10-20 15:11:43 -04:00
space-r7 5910afadd9 add new binary 2022-10-20 13:47:54 -05:00
Metasploit 9f6134813e Bump version of framework to 6.2.24 2022-10-20 12:14:26 -05:00
Grant Willcox e9851f3381 Remove Brendan as Metasploit manager and replace with Spencer. 2022-10-20 11:00:17 -05:00
Grant Willcox 36a915fe5c Update contributors with new contributors, remove old contributors, and update contact info 2022-10-20 10:55:58 -05:00
Metasploit fab762abbc automatic module_metadata_base.json update 6.2.23 2022-10-20 10:01:43 -05:00
r3nt0n 08721ccf73 Adding THEME_DIR option to wp_crop_rce exploit 2022-10-20 16:37:21 +02:00
Christophe De La Fuente 43f7d7b73e Land #17098, Hikvision camera unauthenticated information disclosure 2022-10-20 16:20:12 +02:00
Metasploit 8f5fd09492 automatic module_metadata_base.json update 2022-10-20 08:32:36 -05:00
Christophe De La Fuente 4cfbae63ac Land #17114, Add exploit for CVE-2022-41352 (zimbra cpio) 2022-10-20 15:10:42 +02:00
Christophe De La Fuente c89569d88c Fix the doc to make msftidy_docs.rb happy 2022-10-20 14:33:40 +02:00
adfoster-r7 ee800db2fa Land #17161, Bump actions/checkout to version 3.x 2022-10-20 11:02:35 +01:00
adfoster-r7 1a00bb5f43 Land #17089, Bump actions/github-script to v6 2022-10-20 10:51:55 +01:00
bwatters 73c879a854 Add docs 2022-10-19 17:59:54 -05:00
bwatters 6039e54b75 For real, this time 2022-10-19 17:23:16 -05:00
bwatters 78e8de826b Sure; I can spell 2022-10-19 17:22:29 -05:00
bwatters 238aa9058f Fix Cmdstager flavor, complete info hash 2022-10-19 17:18:20 -05:00
bwatters 56b8bf6302 Working draft for CVE-2022-35914 2022-10-19 14:33:33 -05:00
Grant Willcox 3f6649982b Update additional .github files to use actions/checkout@v3 2022-10-19 12:59:32 -05:00
Ron Bowes d8a5629cf4 Add Zimbra-installation notes 2022-10-19 10:05:20 -07:00
Ron Bowes 56d6f7747b Remove some old code and update documentation with version info 2022-10-19 10:02:29 -07:00
Grant Willcox 2d2ab6b739 Bump actions/checkout to version 3.x to use NodeJS 16.x instead of deprecated NodeJS 12 2022-10-19 11:36:36 -05:00
Grant Willcox a4acd8a680 Land #17154, improve qualys import times 2022-10-19 10:44:22 -05:00
Metasploit 13cfdd0e44 automatic module_metadata_base.json update 2022-10-19 04:20:04 -05:00
Christophe De La Fuente 15d81ca04c Land #17135, Add namespace to identify.rb 2022-10-19 10:48:25 +02:00
Christophe De La Fuente c43272985e Land #17141, Zimbra Postfix priv esc 2022-10-19 10:33:37 +02:00
Metasploit a37d12f33b automatic module_metadata_base.json update 2022-10-18 18:32:15 -05:00
bwatters f901dba4f4 Land #17143, Added module for CVE-2022-40684 
(FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass)

Merge branch 'land-17143' into upstream-master
 2022-10-18 18:08:52 -05:00
Jeffrey Martin 016a1c9da9 one more safer access 2022-10-18 15:02:58 -05:00
Jeffrey Martin 7b9ed4a1da corrections to reference IDs 2022-10-18 14:57:44 -05:00
Ron Bowes 9a35a5c8dd Post patch info 2022-10-18 10:12:54 -07:00
Ron Bowes 6bdf0da994 Add a sanity check before generating the payload - prevents a confusing error if the server is down 2022-10-18 10:09:51 -07:00
Ron Bowes 61abcc008f Merge pull request #1 from cdelafuente-r7/zimbra_postfix_doc_fix 
Zimbra Postfix LPE doc fix
 2022-10-18 09:27:44 -07:00
Grant Willcox 781ee000d9 Land #17157, Check global LHOST before generating it from RHOSTS 2022-10-18 10:49:06 -05:00
Christophe De La Fuente fa67b6973d Documentation fix to follow the template 2022-10-18 16:09:57 +02:00